Mozilla Foundation Security Advisory 2015-22

Crash using DrawTarget in Cairo graphics library

Announced
February 24, 2015
Reporter
Atte Kettunen
Impact
Moderate
Products
Firefox, SeaMonkey
Fixed in
  • Firefox 36
  • SeaMonkey 2.33

Description

Security researcher Atte Kettunen used the Address Sanitizer tool to discover a crash while drawing images through the Cairo graphics library while using the DrawTarget function. This can result in a segmentation fault due to zero-ing out of memory outside the bounds of the image.

References